Author
Topic: FTDIgate 2.0? (Read 203228 times)

Hi,today I wanted to program my arduino nano (Chinese clone) as always, but it didn't work (sync error). I tried another, failed, too. Tried a third... failed.I hooked up my oscilloscope to the nanos RX (TX of FTDI clone) and really got strange results. Each try to program firmware created different pulses?! (screenshots attached)I opened windows device manager and looked at a brand new FTDI driver (2.12.12.0) dated 06.01.2016 I obviously got via windows update...Well, I really can't believe FTDI is messing with the driver again?! So I checked on a second PC, also Windows 10, never an arduino connected to it.I connected one of the nanos to it. It installed the new FTDI driver via windows update. I opened the COM-Port with Putty and pressed some keys - monitoring it on the oscilloscope. And yep, the same key gives different pulses on the serial port every time...Can someone please confirm that?!

Edit: Confirmed to be the standard behavior of the FTDI driver for a year now, but now comes back up because of the new driver beeing spread out by windows update. For a fix look at #msg854401

Okay... connecting RX to TX actually reads back "NON GENUINE DEVICE FOUND!". A brief google search tells me that that's actually not new. But I thought FTDI had stopped publishing these drivers via windows update? I had no problems with these chips over the last year... Why are they doing it again now??

Sure, as if I would buy genuine FTDI chips now All new devices I have use the CH340G. Sending random characters on the RS232 interface may cause really bad things to existing products and the buyer often had no chance to know that he bought a fake chip... But that all had been discussed a year ago.

So, just a warning for you all, be aware of the new FTDI driver coming with windows update!

Seems they are doing their best to makes sure no one want anything says FTDI on it, killing the market for FTDI chips will solve the problem of fakes, but probly kill FTDI in the process

I have no problem using FTDI, or buying anything that uses FTDI. Don't buy knockoff crap and it's not a problem. On the off-chance you do end up getting a knockoff chip in a legitimate product, talk to the manufacturer so they can RMA it and get their supply lines sorted out.

I've tried older drivers 2.10.00 and 2.08.30, both give me "NON GENUINE DEVICE FOUND!". Can these chips now be permanently bricked?? Obviously I haven't followed the whole #ftdigate for long time. A year ago I reverted my PIDs to 6001 and used an older driver and everything seemed to be fine after that... until today

I've tried older drivers 2.10.00 and 2.08.30, both give me "NON GENUINE DEVICE FOUND!". Can these chips now be permanently bricked?? Obviously I haven't followed the whole #ftdigate for long time. A year ago I reverted my PIDs to 6001 and used an older driver and everything seemed to be fine after that... until today

I think the fake chips are fine. But since FTDI cannot brick the counterfeit chips anymore they just send some garbage ("NON GENUINE DEVICE FOUND!") over their data endpoints. Doing so won't brick the chips but they will still render the products using them useless. I guess only the Windows driver can do this scam because for Linux, the source code for FTDI driver should be available and such behavior won't be tolerated into a Linux kernel driver. Can you try these boards on a Linux machine?

I have no problem using FTDI, or buying anything that uses FTDI. Don't buy knockoff crap and it's not a problem. On the off-chance you do end up getting a knockoff chip in a legitimate product, talk to the manufacturer so they can RMA it and get their supply lines sorted out.

That's great if you are a patient end-user consumer with a non-critical application and no particular time schedule. And buying something expensive enough to come with the bare minimum of "Customer Service".Apparently you didn't read much of the original discussion.

Okay, got it back working If you manually select an older driver, like 2.08.30, you have to change the driver not only on the obvious "USB Serial Port (COMx)" (ftdiport.inf) but also the corresponding "USB Serial Converter" (ftdibus.inf) listed under "USB-Controller" in the device manager. After changing BOTH to 2.08.30, the chip works fine again. It is easy to see if you list the devices by connection. (screenshot)

Guess with the new driver being rolled out by windows update at the moment that might be a trap for lots of us, not having had to deal with this pain in the ass stuff for more than a year now. After setting everything up now, I can remember I had to change BOTH drivers last year, too... It's just not obvious and easy to forget

I have no problem using FTDI, or buying anything that uses FTDI. Don't buy knockoff crap and it's not a problem. On the off-chance you do end up getting a knockoff chip in a legitimate product, talk to the manufacturer so they can RMA it and get their supply lines sorted out.

That's great if you are a patient end-user consumer with a non-critical application and no particular time schedule. And buying something expensive enough to come with the bare minimum of "Customer Service".Apparently you didn't read much of the original discussion.

Who on earth purchases a critical piece of equipment with a hard time deadline and refuses to pay enough for the bare minimum of "Customer Service" They deserve to get kicked in the ass for being so short-sighted.

No, I didn't read the original discussion, and if this is the kind of attitude in it I'm glad I didn't.

FTDI put/puts a lot of time and money into writing and maintaining their drivers, getting them signed and certified, integrated into the Windows Update ecosystem and the Linux kernel, etc. They recoup this cost through a slightly higher sales price on their products, and people pay it because of the convenience. Why would you expect to be able to use FTDI's drivers, for free, forever, without purchasing their product? That attitude just blows my mind. You should consider every day you've been able to use FTDI's drivers with your counterfeit device as a gift, rather than freaking out when that privilege is finally revoked. This attitude of entitlement bothers me to no end. I suppose Microsoft's "Genuine Advantage" system should be renamed into Microsoft-gate too?

These counterfeit companies are welcome to build their own devices, but they should also be writing their own drivers and going through the same process as FTDI to integrate those drivers into consumer operating systems, maintaining them, etc., in order to make their devices usable to end-users. What's that? Doing so would mean they'd have to charge FTDI-like prices? Oh shucks, I guess the world does make sense after-all.

Don't want to deal with this kind of BS? Then quit shopping on eBay and Alibaba and spend an extra dollar on the real thing.

I have no problem using FTDI, or buying anything that uses FTDI. Don't buy knockoff crap and it's not a problem. On the off-chance you do end up getting a knockoff chip in a legitimate product, talk to the manufacturer so they can RMA it and get their supply lines sorted out.

That's great if you are a patient end-user consumer with a non-critical application and no particular time schedule. And buying something expensive enough to come with the bare minimum of "Customer Service".Apparently you didn't read much of the original discussion.

Who on earth purchases a critical piece of equipment with a hard time deadline and refuses to pay enough for the bare minimum of "Customer Service" They deserve to get kicked in the ass for being so short-sighted.

No, I didn't read the original discussion, and if this is the kind of attitude in it I'm glad I didn't.

FTDI put/puts a lot of time and money into writing and maintaining their drivers, getting them signed and certified, integrated into the Windows Update ecosystem and the Linux kernel, etc. They recoup this cost through a slightly higher sales price on their products, and people pay it because of the convenience. Why would you expect to be able to use FTDI's drivers, for free, forever, without purchasing their product? That attitude just blows my mind. You should consider every day you've been able to use FTDI's drivers with your counterfeit device as a gift, rather than freaking out when that privilege is finally revoked. This attitude of entitlement bothers me to no end. I suppose Microsoft's "Genuine Advantage" system should be renamed into Microsoft-gate too?

These counterfeit companies are welcome to build their own devices, but they should also be writing their own drivers and going through the same process as FTDI to integrate those drivers into consumer operating systems, maintaining them, etc., in order to make their devices usable to end-users. What's that? Doing so would mean they'd have to charge FTDI-like prices? Oh shucks, I guess the world does make sense after-all.

Don't want to deal with this kind of BS? Then quit shopping on eBay and Alibaba and spend an extra dollar on the real thing.

Note: I'm using "you" in the collective sense, not you specifically.

all makes sense in a perfect world, in the real world people will just stop buying things that says FTDI on it

before FTDI everyone used a different chip (which I can't remember who made), when that company started making drivers that deliberately refused to work with fakes, everyone switched to FTDI because they just worked

Since @suicidaleggroll didn't read the original discussion, he is uninformed that there is no reliable way for ANYONE (including legitimate distributors and board assemblers) to definitively identify genuine chips vs counterfeit. Many legitimate, official, authorized supply lines have discovered counterfeit chips, sometimes only revealed when the end-user tried to use the product.

FTDI was widely criticized for not simply refusing to talk to counterfeit chips, but for deliberately BRICKING the chips without the customers knowledge or consent. And after that tsunami of ill-will, they are apparently back at their game of fouling their own nest. After the first debacle, one could argue that perhaps FTDI didn't DELIBERATELY set out to brick chips (although the the evidence was compelling). NOW, they are apparently back at the game of not simply refusing to talk to counterfeit chips, but DELIBERATELY sending their own counterfeit data in BOTH directions. In my book that just adds insult to injury and reinforces the notion that the first round was deliberate and not accidental.

Nobody is out there looking to save a few pennies buying counterfeit FTDI chips. The supply chain is apprently still contaminated with counterfeit chips and FTDI is doing nothing about it but continuing to cripple their own brand name. No wonder people are simply abandoning FTDI completely. Why would anybody continue to specify FTDI when they have no reasonable assurance that they will get genuine product that will make their customers happy.

all makes sense in a perfect world, in the real world people will just stop buying things that says FTDI on it

If by "people" you mean "people who buy counterfeit devices", then sure, but since they were never supporting FTDI to begin with, it doesn't matter. I don't buy counterfeit devices (as far as I can help it). I was never burned by FTDI-gate v1.0 or v2.0. I have no animosity towards FTDI, and I have no problems buying their chips to integrate into my own boards, or buying devices that utilize their chips. I imagine most other legitimate users are the same.

People who know better know what they're doing and know what the problem is. People who don't know better won't blame FTDI, they don't know enough to blame them. They'll blame the entity that sold them the device, as they rightly should. That entity, if they know about the fraud, had it coming to them. If they didn't, they'll blame the manufacturer who built the board. If the manufacturer knew about the fraud, they had it coming to them. If they didn't, they'll blame the parts supplier, and so on up the chain, until whoever it was that was screwing people over gets what was coming to them.

Since @suicidaleggroll didn't read the original discussion, he is uninformed that there is no reliable way for ANYONE (including legitimate distributors and board assemblers) to definitively identify genuine chips vs counterfeit. Many legitimate, official, authorized supply lines have discovered counterfeit chips, sometimes only revealed when the end-user tried to use the product.

FTDI was widely criticized for not simply refusing to talk to counterfeit chips, but for deliberately BRICKING the chips without the customers knowledge or consent. And after that tsunami of ill-will, they are apparently back at their game of fouling their own nest. After the first debacle, one could argue that perhaps FTDI didn't DELIBERATELY set out to brick chips (although the the evidence was compelling). NOW, they are apparently back at the game of not simply refusing to talk to counterfeit chips, but DELIBERATELY sending their own counterfeit data in BOTH directions. In my book that just adds insult to injury and reinforces the notion that the first round was deliberate and not accidental.

Nobody is out there looking to save a few pennies buying counterfeit FTDI chips. The supply chain is apprently still contaminated with counterfeit chips and FTDI is doing nothing about it but continuing to cripple their own brand name. No wonder people are simply abandoning FTDI completely. Why would anybody continue to specify FTDI when they have no reasonable assurance that they will get genuine product that will make their customers happy.

I know about the widespread problem. You're still blaming FTDI, but they are not the ones at fault. Their actions only serve to expose the problem. Do you honestly expect a device manufacturer to do NOTHING about a widespread counterfeit contamination of legitimate supply chains??? I mean seriously, what did you expect them to do? Sit on their haunches as they're run out of business by counterfeiters? What would you have done in their place?

Yes their decision (if it was so) to brick counterfeit devices was sudden and harsh, but IMO it was necessary. It was the only way to expose the prolific contamination of the supply chain. Everyone was forced to re-examine their supply, and fix it, cutting the counterfeiters out of the loop. Harsh, but necessary. The only reason the fallout was so bad was because that was the first time they had done anything to combat the problem. In my opinion they should continue this practice indefinitely, it's the only way to keep the counterfeiters out of the supply chain.

You claim there's no way for legitimate distributes to identify genuine chips. There is, now. You claim FTDI is doing nothing to combat the contaminated supply chain, what do you think this move is?!?! What do you think their alternative is?

Quote from: Richard Crowley

Why would anybody continue to specify FTDI when they have no reasonable assurance that they will get genuine product that will make their customers happy.

Their reasonable assurance is the reputation and usage of the build house. If the build house uses fake chips, which cause the end-product to completely fail, that's a pretty big indicator that there's a problem. Manufacturers will stop using that build house unless the build house can prove they were not a fault, by tracing the contamination up the supply chain, and so on, until the ones who are at fault are exposed and pushed out of the loop.

It obviously sucks for people affected, but the problem of counterfeit chips hurts everyone. If you're doing hardware outside of China you are at a serious disadvantage even before you take the labor costs into the equation. You don't have access to components that are 1/10th the price.

Since @suicidaleggroll didn't read the original discussion, he is uninformed that there is no reliable way for ANYONE (including legitimate distributors and board assemblers) to definitively identify genuine chips vs counterfeit. Many legitimate, official, authorized supply lines have discovered counterfeit chips, sometimes only revealed when the end-user tried to use the product.

FTDI was widely criticized for not simply refusing to talk to counterfeit chips, but for deliberately BRICKING the chips without the customers knowledge or consent. And after that tsunami of ill-will, they are apparently back at their game of fouling their own nest. After the first debacle, one could argue that perhaps FTDI didn't DELIBERATELY set out to brick chips (although the the evidence was compelling). NOW, they are apparently back at the game of not simply refusing to talk to counterfeit chips, but DELIBERATELY sending their own counterfeit data in BOTH directions. In my book that just adds insult to injury and reinforces the notion that the first round was deliberate and not accidental.

Nobody is out there looking to save a few pennies buying counterfeit FTDI chips. The supply chain is apprently still contaminated with counterfeit chips and FTDI is doing nothing about it but continuing to cripple their own brand name. No wonder people are simply abandoning FTDI completely. Why would anybody continue to specify FTDI when they have no reasonable assurance that they will get genuine product that will make their customers happy.

I know about the widespread problem. You're still blaming FTDI, but they are not the ones at fault. Their actions only serve to expose the problem. Do you honestly expect a device manufacturer to do NOTHING about a widespread counterfeit contamination of legitimate supply chains??? I mean seriously, what did you expect them to do? Sit on their haunches as they're run out of business by counterfeiters? What would you have done in their place?

Yes their decision (if it was so) to brick counterfeit devices was sudden and harsh, but IMO it was necessary. It was the only way to expose the prolific contamination of the supply chain. Everyone was forced to re-examine their supply, and fix it, cutting the counterfeiters out of the loop. Harsh, but necessary. The only reason the fallout was so bad was because that was the first time they had done anything to combat the problem. In my opinion they should continue this practice indefinitely, it's the only way to keep the counterfeiters out of the supply chain.

You claim there's no way for legitimate distributes to identify genuine chips. There is, now. You claim FTDI is doing nothing to combat the contaminated supply chain, what do you think this move is?!?! What do you think their alternative is?

I have dealt in the past with counterfeit ICs and can tell from my experience the degree of difficulty to identify counterfeits greatly varies depending on the degree of sophistication. In lieu of this, I see FTDI's identification of a fake (and consequent failure to operate) a reassurance. Bricking perhaps is a bit harsh, but it surely brought the attention the problem deserves.

Why would anybody continue to specify FTDI when they have no reasonable assurance that they will get genuine product that will make their customers happy.

Their reasonable assurance is the reputation and usage of the build house. If the build house uses fake chips, which cause the end-product to completely fail, that's a pretty big indicator that there's a problem. Manufacturers will stop using that build house unless the build house can prove they were not a fault, by tracing the contamination up the supply chain, and so on, until the ones who are at fault are exposed and pushed out of the loop.

Again, harsh, but necessary.

This is precisely what happens in the real world. I followed the other discussion and this was brought up there as well. The reason why one would still use FTDI devices in the light of this scenario is the reassurance it is easier to identify a fake and point the finger at their supply chain. Bricking a device is one problem, but what about the device specifications of the fake IC? Will it fail outside of the rated temp? Does it follow the USB specs to the "T" or will it fail to work with specific USB version variants, thus turning your customers dissatisfied?

Oh, the "whys" of the datasheets... The information is there not to be an axiomatic truth, but instead each speck of data must be slowly inhaled while carefully performing a deep search inside oneself to find the true metaphysical sense...

You-all keep assuming that customers WANT to buy counterfeit chips. I can't see why anybody would want to buy counterfeit product even if the FTDI software didn't care. You rightly observe that there are many downsides to using counterfeit chips and those by themselves would seem enough to discourage people.

The issue is the reaction of FTDI. They could notify the user of a detected counterfeit, they could downgrade performance or even refuse to talk to a counterfeit chip. But bricking the customer's product, and now (phase 2) sending their own FTDI-generated counterfeit data IN BOTH DIRECTIONS just looks like more of the same extremely belligerent attitude.

We could think of dozens of more graceful and helpful things FTDI could do to ingratiate themselves to their customers and remedy the situation. But instead, they choose to act like a toddler throwing a fit in the public market. @suicidaleggroll appears to have exactly the same attitude as the FTDI management. He would fit right in. He actually did a pretty good job of explaining their behavior.

However, I am having none of that. I'm voting with my feet and staying well clear of anything with FTDI in it, even if it can proved to be genuine. Life is challenging enough without choosing to work with such a belligerent vendor when there are alternatives who appear to have a higher priority for helping their customers.